Garrett
@unsignedsh0rt.bsky.social
📤 121
📥 62
📝 10
AdSim @ SpecterOps
Had some fun with PDQ deploy/inventory credential decryption and wrote about it here:
unsigned-sh0rt.net/posts/pdq_cr...
thanks to
@dru1d.bsky.social
for writing a BOF out of the POC tl;dr get admin on PDQ box, decrypt privileged creds
loading . . .
Decrypting PDQ credentials | unsigned_sh0rt's blog
Walkthrough of how PDQ credentials encrypts service credentials
https://unsigned-sh0rt.net/posts/pdq_credentials/
6 months ago
0
9
6
reposted by
Garrett
SpecterOps
7 months ago
#SCCM
forest discovery accounts can be decrypted—even those for untrusted forests. If the site server is a managed client, all creds can be decrypted via Administration Service API. Check out our latest blog post from
@unsignedsh0rt.bsky.social
to learn more.
ghst.ly/4buoISp
loading . . .
Decrypting the Forest From the Trees - SpecterOps
TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be decrypted via ...
https://ghst.ly/4buoISp
1
22
15
reposted by
Garrett
Dirk-jan
11 months ago
Awesome new addition to krbrelayx by Hugow from Synacktiv:
www.synacktiv.com/publications...
loading . . .
Relaying Kerberos over SMB using krbrelayx
https://www.synacktiv.com/publications/relaying-kerberos-over-smb-using-krbrelayx
0
29
14
Claude.ai
is so sick. I might actually fool people into believing I know how to code with this
loading . . .
Claude
Talk with Claude, an AI assistant from Anthropic
https://Claude.ai
11 months ago
0
5
0
Was doing some digging "What's New" in Server2025
learn.microsoft.com/en-us/window...
specifically the changes to pre-2k machines. Oddvar and I had spoken previously about the changes being solid and demonstrated pre-created machines in ADUC could no longer be set with a default password.
11 months ago
1
10
5
Guess this is the place to be then
11 months ago
0
7
0
you reached the end!!
feeds!
log in
